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CLAIMS 



1. A method of recovering target data provided in encrypted form to a party as part of a 
data set with which first and second trusted authorities are associated in a non-subvertible 

5 manner, the method comprising: 

providing a first element to the party after the first trusted authority has verified that a 

specific individual is a professional accredited with it; 
providing a second element to the party after both the second trusted authority has 
verified that a particular organisation is accredited with it, and said particular 
10 organisation has verified that said specific individual is engaged by it; and 

the party using both said elements to recover the target data in clear; 
at least one of the particular organisation and the first trusted authority ensuring that its 
verification is for said party as said specific individual before providing the corresponding 
element. 

15 

2. A method according to claim 1 , wherein said data set comprises an encrypted first item 
decryptable using a first decryption key obtainable from the first trusted authority and an 
encrypted second item decryptable using a second decryption key obtainable from the 
second trusted authority, both items requiring decryption for the target data to be recovered 

20 in clear; the method comprising: 

(a) providing the party, in a secure manner, with the first element from the first trusted 
authority only if the latter is satisfied that the party is a professional accredited with 
this authority, the first element being one of the first decryption key and the first item 
recovered with this key; 

25 (b) providing said particular organisation, in a secure manner, with the second 
decryption key, or the second item decrypted with this key, from the second trusted 
authority only if the latter is satisfied that the particular organisation is accredited 
with this authority; 

(c) providing the party with the second element from said particular organisation only if 
30 the organisation is satisfied that the party is engaged by the organisation with 

authority to access the target data, the second element being one of the second 
decryption key and the second item recovered with this key; and 
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(d) recovering the target data at the party by using the decrypted first and second items, 
decryption of the target data being effected at the party. 

3. A method according to claim 2, wherein the particular organisation provides its output 
5 to said party in a secure manner. 

4. A method according to claim 2, wherein: 
the first item has been encrypted, according to an Identifier-Based Encryption, EBE, 

scheme, based on encryption parameters comprising a first encryption key string that 
identifies said specific individual, and public data of the first trusted authority; the 
first decryption key being a key generated by the first trusted authority in dependence 
both on the first encryption key string and on private data related to said public data; 
and 

the second item has been encrypted, according to an IBE scheme, based on encryption 
parameters comprising a second encryption key string that identifies a specific 
organisation, and public data of the second trusted authority; the second decryption 
key being a key generated by the second trusted authority in dependence both on the 
second encryption key string and on private data related to said public data; the 
second decryption key, or the second item recovered with this key, only be provided 
to said particular organisation upon the second trusted authority being satisfied that 
said particular organisation is the specific organisation identified in the second 
encryption key string as well it as being an organisation accredited with the second 
trusted authority. 

25 5. A method according to claim 4, wherein the first item comprises the target data, and the 
second item comprises the encrypted first item; the second item being recovered using the 
second decryption key and then being subject to decryption using the first decryption key to 
recover the target data. 

30 6. A method according to claim 4, wherein the first item comprises the target data, the 
second item comprises a nonce, and the first encryption key string comprises, in 
combination, an identifier of said specific individual and said nonce; the second item being 
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recovered using the second decryption key to provide said nonce which is then combined 
with the identifier of said specific individual to form the first encryption key string, this 
key string thereafter being provided to the first trusted authority in order to enable the latter 
to provide the first decryption key for use at said party to decrypt the first item and thereby 
5 recover the target data. 

7. A method according to claim 4, wherein the first item comprises first data and the 
second item comprises second data, the data set further comprising said target data 
encrypted using a symmetric key that can be formed by using both said first and second 

10 data; the first and second items being independently recovered to provide the first and 
second data which are then used at said party to form said symmetric key, this key then 
being used to decrypt the target data. 

8. A method according to claim 4, wherein the data set comprises, in addition to said first 
15 and second items, said target data encrypted using a first symmetric key, the second item 

comprising a second symmetric key, and the first item comprising the first symmetric key 
encrypted using the second symmetric key; the first and second items being independently 
recovered to provide the encrypted first symmetric key and the second symmetric key, and 
the second symmetric key then being used at said party to decrypt the encrypted first 
20 symmetric key after which the first symmetric key is used to decrypt the encrypted target 
data. 

9. A method according to claim 4, wherein the party is provided with multiple different 
encrypted target datas in respective data sets, the first item of each data set being encrypted 

25 with a first encryption key string that comprises, in addition to identification of said 
specific individual, a random element; the party, in recovering each target data, obtaining 
from the first trusted authority, the corresponding first decryption key or the corresponding 
first item recovered using this key. 

30 10. A method according to claim 4, wherein the party is provided with multiple different 
encrypted target datas in respective data sets, the first item of each data set being encrypted 
with the same first encryption key string; the party, after having obtained the corresponding 
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first decryption key from the first trusted authority in the course of recovering the target 
data of one data set, caching the first decryption key and re-using it from cache for 
recovering the target datas of subsequent data sets that have first items encrypted using the 
same first encryption key string as that for which the cached first decryption key was 
5 obtained. 

11. A method according to claim 4, wherein the party is provided with multiple different 
encrypted target datas in respective data sets, the second item of each data set being 
encrypted with a second encryption key string that comprises, in addition to identification 
10 of said specific organisation, a random element; the requesting organisation obtaining from 
the second trusted authority, for each different second encryption key string used, the 
corresponding second decryption key or the corresponding second item recovered using 
this key. 

15 12. A method according to claim 4, wherein the party is provided with multiple different 
encrypted target datas in respective data sets, the second item of each data set being 
encrypted with the same second encryption key string; the requesting organisation after 
having obtained the corresponding second decryption key from the second trusted authority 
in respect of one data set, caching the second decryption key and re-using it from cache for 

20 subsequent data sets that have second items encrypted using the same second encryption 
key string as that for which the cached second decryption key was obtained, the requesting 
organisation decrypting the second item itself and passing the recovered second item to 
said party. 

25 13. A method according to claim 1 , wherein said data set comprises an encrypted first item 
decryptable using a first decryption key obtainable from the first trusted authority and an 
encrypted second item decryptable using a second decryption key obtainable from the 
second trusted authority, both items requiring decryption for the target data to be recovered 
in clear and the data set identifying said specific individual; the method comprising: 

30 (a) providing the party with the first element from the first trusted authority only if the 
latter is satisfied that said specific individual, as identified in the data set, is a 
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professional accredited with this authority, the first element being one of the first 
decryption key and the first item recovered with this key; 

(b) providing said particular organisation, in a secure manner, with the second 
decryption key, or the second item decrypted with this key, from the second trusted 

5 authority only if the latter is satisfied that the organisation is accredited with this 

authority; 

(c) providing the party with the second element, from said particular organisation only if 
the latter is satisfied that said specific individual is engaged by the organisation with 
authority to access the target data, the second element being one of the second 

10 decryption key and the second item recovered with this key; and 

(d) recovering the target data at the party by using the decrypted first and second items, 
decryption of the target data being effected at the party; 

at least one of the first trusted authority and said particular organisation providing its 
associated element to said party in a secure manner and only after being satisfied that the 
15 party is the said specific individual identified in the data set. 

14. A method according to claim 13, wherein: 

the first item has been encrypted, according to an Identifier-Based Encryption, IBE, 
scheme, based on encryption parameters comprising a first encryption key string that 
20 identifies said specific individual, and public data of the first trusted authority; the 

first decryption key being a key generated by the first trusted authority in dependence 
both on the first encryption key string and on private data related to said public data; 
and 

the second item has been encrypted, according to an IBE scheme, based on encryption 
25 parameters comprising a second encryption key string that identifies a specific 

organisation, and public data of the second trusted authority; the second decryption 
key being a key generated by the second trusted authority in dependence both on the 
second encryption key string and on private data related to said public data; the 
second decryption key, or the second item recovered with this key, only be provided 
30 to said particular organisation upon the second trusted authority being satisfied that 

said particular organisation is the specific organisation identified in the second 
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encryption key string as well it as being an organisation accredited with the second 
trusted authority. 

15. A method according to claim 14, wherein the first item comprises the target data, and 
5 the second item comprises the encrypted first item; the second item being recovered using 

the second decryption key and then being subject to decryption using the first decryption 
key to recover the target data. 

16. A method according to claim 14, wherein the first item comprises the target data, the 
10 second item comprises a nonce, and the first encryption key string comprises, in 

combination, an identifier of said specific individual and said nonce; the second item being 
recovered using the second decryption key to provide said nonce which is then combined 
with the identifier of said specific individual to form the first encryption key string, this 
key string thereafter being provided to the first trusted authority in order to enable the latter 
15 to provide the first decryption key for use at said party to decrypt the first item and thereby 
recover the target data. 

17. A method according to claim 14, wherein the first item comprises first data and the 
second item comprises second data, the data set further comprising said target data 

20 encrypted using a symmetric key that can be formed by using both said first and second 
data; the first and second items being independently recovered to provide the first and 
second data which are then used at said party to form said symmetric key, this key then 
being used to decrypt the target data. 

25 18. A method according to claim 14, wherein the data set comprises, in addition to said 
first and second items, said target data encrypted using a first symmetric key, the second 
item comprising a second symmetric key, and the first item comprising the first symmetric 
key encrypted using the second symmetric key; the first and second items being 
independently recovered to provide the encrypted first symmetric key and the second 

30 symmetric key, and the second symmetric key then being used at said party to decrypt the 
encrypted first symmetric key after which the first symmetric key is used to decrypt the 
encrypted target data. 
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19. A method according to claim 14, wherein the party is provided with multiple different 
encrypted target datas in respective data sets, the first item of each data set being encrypted 
with a first encryption key string that comprises, in addition to identification of said 

5 specific individual, a random element; the party, in recovering each target data, obtaining 
from the first trusted authority, the corresponding first decryption key or the corresponding 
first item recovered using this key. 

20. A method according to claim 14, wherein the party is provided with multiple different 
1 0 encrypted target datas in respective data sets, the first item of each data set being encrypted 

with the same first encryption key string; the party, after having obtained the corresponding 
first decryption key from the first trusted authority in the course of recovering the target 
data of one data set, caching the first decryption key and re-using it from cache for 
recovering the target datas of subsequent data sets that have first items encrypted using the 
1 5 same first encryption key string as that for which the cached first decryption key was 
obtained. 

21. A method according to claim 14, wherein the party is provided with multiple different 
encrypted target datas in respective data sets, the second item of each data set being 

20 encrypted with a second encryption key string that comprises, in addition to identification 
of said specific organisation, a random element; the requesting organisation obtaining from 
the second trusted authority, for each different second encryption key string used, the 
corresponding second decryption key or the corresponding second item recovered using 
this key. 

25 

22. A method according to claim 14, wherein the party is provided with multiple different 
encrypted target datas in respective data sets, the second item of each data set being 
encrypted with the same second encryption key string; the requesting organisation after 
having obtained the corresponding second decryption key from the second trusted authority 

30 in respect of one data set, caching the second decryption key and re-using it from cache for 
subsequent data sets that have second items encrypted using the same second encryption 
key string as that for which the cached second decryption key was obtained, the requesting 
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organisation decrypting the second item itself and passing the recovered second item to 
said party. 

23. A secure data-provision method comprising providing target data from a data provider 
5 to a party purporting to be a specific, professionally-accredited, individual engaged by a 

specific accredited organisation, the target data being provided in encrypted form as part of 
a data set that comprises: 

a first item encrypted, according to an Identifier-Based Encryption, EBE, scheme, in 
dependence on encryption parameters comprising a first encryption key string that 
10 identifies said specific individual, and public data of a first trusted authority 

competent in respect of professional accreditations; and 
a second item encrypted according to an IBE scheme, in dependence on encryption 
parameters comprising a second encryption key string that identifies said specific 
organisation, and public data of a second trusted authority competent in respect of 
15 accreditations of organisations; 

recovery of the target data in clear requiring decryption of both the first and second items. 

24. A method according to claim 23, wherein the first item comprises the target data, and 
the second item comprises the encrypted first item. 

20 

25. A method according to claim 23, wherein the first item comprises the target data, and 
the second item comprises a nonce; the first encryption key string comprising, in 
combination, an identifier of said specific individual and said nonce. 

25 26. A method according to claim 23, wherein the first item comprises first data, and the 
second item comprises second data; the data set further comprising said target data 
encrypted using a symmetric key that can be formed by using both said first and second 
data. 

30 27. A method according to claim 23, wherein the data set comprises, in addition to said 
first and second items, said target data encrypted using a first symmetric key, the second 
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item comprising a second symmetric key, and the first item comprising the first symmetric 
key encrypted using the second symmetric key. 

28. A secure data-provision method comprising providing target data from a data provider 
5 to a party purporting to be a specific, professionally-accredited, individual engaged by a 

specific accredited organisation, the target data being provided in encrypted form as part of 
a data set that comprises: 

a first item encrypted using both a first encryption key string that identifies said specific 
individual, and public data of a first trusted authority competent in respect of 
10 professional accreditations; and 

a second item encrypted using both a second encryption key string that identifies said 
specific organisation, and public data of a second trusted authority competent in 
respect of accreditations of organisations; 
recovery of the target data in clear requiring decryption of both the first and second items. 

15 

29. A system for recovering target data provided in encrypted form to a party as part of a 
data set with which first and second trusted authorities are associated in a non-subvertible 
manner, the system comprising: 

a first computing entity, associated with the first trusted authority, for providing a first 
20 element to the party after verifying that a specific individual is a professional 

accredited with it; 
a second computing entity associated with the second trusted authority; 
a third computing entity, associated with a particular organisation, for providing a 
second element to the party after the second computing entity has verified that said 
25 particular organisation is accredited with it, and the third computing entity has 

verified that said specific individual is engaged by it; and 
a fourth computing entity, associated with said party, for decrypting the target data using 
the first and second elements; 
at least one of the first and third computing entities being arranged to ensure that its 
30 verification is for said party as said specific individual before providing the corresponding 
element to the party. 
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30. A system according to claim 29, wherein: 

said data set comprises an encrypted first item decryptable using a first decryption key 
obtainable from the first trusted authority and an encrypted second item decryptable 
using a second decryption key obtainable from the second trusted authority, both 
5 items requiring decryption for the target data to be recovered in clear; 

the first computing entity is arranged to provide said party, in a secure manner, with the 
first element only if it is satisfied that the party is a professional accredited with the 
first trusted authority, the first element being one of the first decryption key and the 
first item recovered with this key; 
10 the second computing entity is arranged to provide said particular organisation, in a 
secure manner, with the second decryption key, or the second item decrypted with 
this key, only if it is satisfied that the particular organisation is accredited with the 
second trusted authority; 

the third computing entity is arranged to provide said party with the second element 
15 only if it is satisfied that the party is engaged by said particular organisation with 

authority to access the target data, the second element being one of the second 
decryption key and the second item recovered with this key; and 

the fourth computing entity is arranged to recover the target data by using the decrypted 
first and second items. 

20 

31. A system according to claim 30, wherein the third computing entity is arranged to 
provide its output to said party in a secure manner. 

32. A system according to claim 30, wherein: 

25 the first item has been encrypted, according to an Identifier-Based Encryption, EBE, 
scheme, in dependence on encryption parameters comprising a first encryption key 
string that identifies said specific individual, and public data of the first trusted 
authority; the first computing entity being arranged to generate the first decryption 
key in dependence both on the first encryption key string and on private data related 

30 to said public data; and 

the second item has been encrypted, according to an IBE scheme, in dependence on 
encryption parameters comprising a second encryption key string that identifies a 
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specific organisation, and public data of the second trusted authority; the second 
computing entity being arranged to generate the second decryption key in dependence 
both on the second encryption key string and private data related to said public data, 
and the second computing entity being further arranged to provide the second 
5 decryption key, or the second item recovered using this key, to said particular 

organisation upon being satisfied that said particular organisation is the specific 
organisation identified in the second encryption key as well it as being an 
organisation accredited with the second trusted authority. 

10 33. A system according to claim 32, wherein the first item comprises the target data, and 
the second item comprises the encrypted first item; the fourth computing entity being 
arranged to: 

recover the second item, if not provided to it in decrypted form by the third computing 
entity, by using the second decryption key obtained from the third computing entity, 
15 and 

subject the second item to decryption, using the first decryption key obtained from the 
first computing entity, to recover the target data. 

34. A system according to claim 32, wherein the first item comprises the target data, the 
20 second item comprises a nonce, and the first encryption key string comprises, in 
combination, an identifier of said specific individual and said nonce; the fourth computing 
entity being arranged to: 

recover the second item, if not provided to it in decrypted form by the third computing 
entity, by using the second decryption key obtained from the third computing entity, 
25 combine the nonce that formed the second item with the identifier of said specific 
individual in order to form the first encryption key string, 
provide the first encryption key string to the first computing entity to obtain the first 
decryption key, and 

use the first decryption key obtained from the first computing entity to decrypt the first 
30 item and thereby recover the target data. 
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35. A system according to claim 32, wherein the first item comprises first data and the 
second item comprises second data, the data set further comprising said target data 
encrypted using a symmetric key that can be formed by using both said first and second 
data; the fourth computing entity being arranged to: 
5 recover the first data, if not provided to it in decrypted form by the first computing 
entity, by using the first decryption key obtained from the first computing entity, 
recover the second data, if not provided to it in decrypted form by the third computing 
entity, by using the second decryption key obtained from the third computing entity, 
use the first data and the second data to form said symmetric key, and 
10 use the symmetric key to decrypt the target data. 



36. A system according to claim 32, wherein the data set comprises, in addition to said 
first and second items, said target data encrypted using a first symmetric key, the second 
item comprising a second symmetric key, and the first item comprising the first symmetric 
1 5 key encrypted using the second symmetric key; the fourth computing entity being arranged 
to: 

recover the first item, if not provided to it in decrypted form by the first computing 

entity, by using the first decryption key obtained from the first computing entity, 
recover the second item, if not provided to it in decrypted form by the third computing 
20 entity, by using the second decryption key obtained from the third computing entity, 

use the second symmetric key that formed the second item to decrypt the encrypted first 

symmetric key that formed the first item, and 
use the first symmetric key to decrypt the encrypted target data. 



25 37. A system according to claim 29, wherein: 

said data set comprises an encrypted first item decryptable using a first decryption key 
obtainable from the first trusted authority and an encrypted second item decryptable 
using a second decryption key obtainable from the second trusted authority, both 
items requiring decryption for the target data to be recovered in clear and the data set 
30 identifying said specific individual; 

the first computing entity is arranged to provide said party with the first element only if 
it is satisfied that said specific individual, as identified in the data set, is a 
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professional accredited with the first trusted authority, the first element being one of 
the first decryption key and the first item recovered with this key; 
the second computing entity is arranged to provide said particular organisation, in a 
secure manner, with the second decryption key, or the second item decrypted with 
this key, only if it is satisfied that the organisation is accredited with the second 
trusted authority; 

the third computing entity is arranged to provide the party with the second element only 
if it is satisfied that said specific individual is engaged by the organisation with 
authority to access the target data, the second element being one of the second 
decryption key and the second item recovered with this key; and 
the fourth computing entity is arranged to recovering the target data by using the 
decrypted first and second items; 
at least one of the first and third computing entities being arranged to provide the 
corresponding element to said party in a secure manner and only after being satisfied that 
the party is the said specific individual identified in the data set. 

38. A system according to claim 37, wherein: 

the first item has been encrypted, according to an Identifier-Based Encryption, IBE, 
scheme, in dependence on encryption parameters comprising a first encryption key 
20 string that identifies said specific individual, and public data of the first trusted 

authority; the first computing entity being arranged to generate the first decryption 
key in dependence both on the first encryption key string and on private data related 
to said public data; and 
the second item has been encrypted, according to an IBE scheme, in dependence on 
25 encryption parameters comprising a second encryption key string that identifies a 

specific organisation, and public data of the second trusted authority; the second 
computing entity being arranged to generate the second decryption key in dependence 
both on the second encryption key string and private data related to said public data, 
and the second computing entity being further arranged to provide the second 
30 decryption key, or the second item recovered using this key, to said particular 

organisation upon being satisfied that said particular organisation is the specific 
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organisation identified in the second encryption key as well it as being an 
organisation accredited with the second trusted authority. 

39. A system according to claim 38, wherein the first item comprises the target data, and 
5 the second item comprises the encrypted first item; the fourth computing entity being 

arranged to: 

recover the second item, if not provided to it in decrypted form by the third computing 
entity, by using the second decryption key obtained from the third computing entity, 
and 

10 subject the second item to decryption, using the first decryption key obtained from the 
first computing entity, to recover the target data. 

40. A system according to claim 38, wherein the first item comprises the target data, the 
second item comprises a nonce, and the first encryption key string comprises, in 

15 combination, an identifier of said specific individual and said nonce; the fourth computing 
entity being arranged to: 

recover the second item, if not provided to it in decrypted form by the third computing 
entity, by using the second decryption key obtained from the third computing entity, 
combine the nonce that formed the second item with the identifier of said specific 
20 individual in order to form the first encryption key string, 

provide the first encryption key string to the first computing entity to obtain the first 
decryption key, and 

use the first decryption key obtained from the first computing entity to decrypt the first 
item and thereby recover the target data. 

25 

41. A system according to claim 38, wherein the first item comprises first data and the 
second item comprises second data, the data set further comprising said target data 
encrypted using a symmetric key that can be formed by using both said first and second 
data; the fourth computing entity being arranged to: 

30 recover the first data, if not provided to it in decrypted form by the first computing 
entity, by using the first decryption key obtained from the first computing entity, 
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recover the second data, if not provided to it in decrypted form by the third computing 
entity, by using the second decryption key obtained from the third computing entity, 
use the first data and the second data to form said symmetric key, and 
use the symmetric key to decrypt the target data. 

5 

42. A system according to claim 38, wherein the data set comprises, in addition to said 
first and second items, said target data encrypted using a first symmetric key, the second 
item comprising a second symmetric key, and the first item comprising the first symmetric 
key encrypted using the second symmetric key; the fourth computing entity being arranged 

10 to: 

recover the first item, if not provided to it in decrypted form by the first computing 
entity, by using the first decryption key obtained from the first computing entity, 

recover the second item, if not provided to it in decrypted form by the third computing 
entity, by using the second decryption key obtained from the third computing entity, 
1 5 use the second symmetric key that formed the second item to decrypt the encrypted first 
symmetric key that formed the first item, and 

use the first symmetric key to decrypt the encrypted target data. 

43. Apparatus for the secure provision of target data to a party purporting to be a specific, 
20 professionally-accredited, individual engaged by a specific accredited organisation, the 

apparatus comprising an encryption subsystem for generating a data set including the target 
data in encrypted form, the encryption subsystem comprising: 

first encryption means for encrypting a first item, according to an Identifier-Based 
Encryption, IBE, scheme, based on encryption parameters comprising a first 
25 encryption key string that identifies said specific individual, and public data of a first 

trusted authority competent in respect of professional accreditations; 
second encryption means for encrypting a second item, according to an IBE scheme, 
based on encryption parameters comprising a second encryption key string that 
identifies said specific organisation, and public data of a second trusted authority 
30 competent in respect of accreditations of organisations; and 

means for forming the data set using at least the encrypted first and second items; 
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the recovery of the target data in clear requiring decryption of both the first and second 
items. 

44. Apparatus according to claim 43, wherein the first item comprises the target data, and 
5 the second item comprises the encrypted first item. 

45. Apparatus according to claim 43, wherein the first item comprises the target data, and 
the second item comprises a nonce; the first encryption key string comprising, in 
combination, an identifier of said specific individual and said nonce. 

10 

46. Apparatus according to claim 43, wherein the first item comprises first data, and the 
second item comprises second data; the data set further comprising said target data 
encrypted using a symmetric key that can be formed by using both said first and second 
data. 

15 

47. Apparatus according to claim 43, wherein the data set comprises, in addition to said 
first and second items, said target data encrypted using a first symmetric key, the second 
item comprising a second symmetric key, and the first item comprising the first symmetric 
key encrypted using the second symmetric key. 

20 

48. A computing entity for recovering target data provided in encrypted form as part of an 
data set that comprises first and second encrypted items both of which must be decrypted to 
recover the target data, the first item being encrypted in dependence on encryption 
parameters comprising a first encryption key string that identifies a specific individual and 

25 first public data, and the second item being encrypted in dependence on a second 
encryption key string that identifies a specific organisation and second public data; the 
entity comprising: 

first means for requesting either a first decryption key corresponding to the first 
encryption key string, or the first item in decrypted form, from a first trusted 
30 authority which is competent in respect of the accreditation of professionals and 

holds first private data related to the first public data, the first means being arranged 
to provide the first encryption key string to the first trusted authority when making its 
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request and being further arranged to authenticate the entity with the first trusted 
authority and to receive the first decryption key, or the first item, securely from the 
first trusted authority; 

second means for requesting either a second decryption key corresponding to the second 
5 encryption key string, or the second item in decrypted form, from an organisation 

accredited by a second trusted authority which holds second private data related to 
the second public data, the second means being arranged to provide the second 
encryption key string to the organisation when making its request and being further 
arranged to authenticate the entity with the organisation and receive the second 
10 decryption key, or the second item, from the organisation; 

third means for using the first decryption key, or the first item, provided by the first 
trusted authority and the second decryption key, or the second item, provided by the 
organisation, to recover the target data. 

15 49. A computing entity according to claim 48, wherein the second means is arranged to 
receive the second decryption key, or the second item, securely from the organisation. 

50. A computing entity according to claim 48, wherein the first item comprises the target 
data, and the second item comprises the encrypted first item; the third means being 

20 arranged to: 

recover the second item, if not provided to the second means in decrypted form by the 
organisation, by using the second decryption key obtained from the organisation, and 

subject the second item to decryption, using the first decryption key obtained from the 
first trusted authority, to recover the target data. 

25 

51. A computing entity according to claim 48, wherein the first item comprises the target 
data, the second item comprises a nonce, and the first encryption key string comprises, in 
combination, an identifier of said specific individual and said nonce; the third means being 
arranged to: 

30 recover the second item, if not provided to the second means in decrypted form by the 
organisation, by using the second decryption key obtained from the organisation, 
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combine the nonce that formed the second item with the identifier of said specific 
individual in order to form the first encryption key string to be provided by the first 
means to the first trusted authority, and 

use the first decryption key obtained from the first trusted authority to decrypt the first 
5 item and thereby recover the target data. 

52. A computing entity according to claim 48, wherein the first item comprises first data 
and the second item comprises second data, the data set further comprising said target data 
encrypted using a symmetric key that can be formed by using both said first and second 

1 0 data; the third means being arranged to 

recover the first data, if not provided to the first means by the first trusted authority, by 

using the first decryption key obtained from the first trusted authority, 
recover the second data, if not provided to the second means in decrypted form by the 
organisation, by using the second decryption key obtained from the organisation, 
1 5 use the first data and the second data to form said symmetric key, and 
use the symmetric key to decrypt the target data. 

53. A computing entity according to claim 48, wherein the data set comprises, in addition 
to said first and second items, said target data encrypted using a first symmetric key, the 

20 second item comprising a second symmetric key, and the first item comprising the first 
symmetric key encrypted using the second symmetric key; the third means being arranged 
to: 

recover the first item, if not provided to the first means by the first trusted authority, by 
using the first decryption key obtained from the first trusted authority, 
25 recover the second item, if not provided to the second means in decrypted form by the 
organisation, by using the second decryption key obtained from the organisation, 

use the second symmetric key that formed the second item to decrypt the encrypted first 
symmetric key that formed the first item, and 

use the first symmetric key to decrypt the encrypted target data. 

30 
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54. A computing entity for recovering target data provided in encrypted form as part of an 
data set that comprises first and second encrypted items both of which must be decrypted to 
recover the target data; the first item being encrypted in dependence on a first encryption 
key string that identifies a specific individual, and first public data; and the second item 
5 being encrypted in dependence on a second encryption key that identifies a specific 
organisation and said specific individual, and second public data; the entity comprising: 

- first means for requesting either a first decryption key corresponding to the first 

encryption key, or the first item in decrypted form, from a first trusted authority 
which is competent in respect of the accreditation of professionals and holds first 
10 private data related to the first public data, the first means being arranged to provide 

the first encryption key string, or the first item, to the first trusted authority when 
making its request; 

- second means for requesting either a second decryption key corresponding to the second 

encryption key string, or the second item in decrypted form, from an organisation 
1 5 accredited by a second trusted authority which holds second private data related to 

the second public data, the second means being arranged to provide the second 
encryption key string to the organisation when making its request; and 

- third means for using the first decryption key, or the first item, provided by the first 

trusted authority and the second decryption key, or the second item, provided by the 
20 organisation, to recover the target data; 

at least one of the first means and the second means being arranged to authenticate the 
entity to the first trusted authority or said organisation as the case may be and to receive 
input therefrom in a secure manner. 

25 55. A computing entity according to claim 54, wherein the first item comprises the target 
data, and the second item comprises the encrypted first item; the third means being 
arranged to: 

recover the second item, if not provided to the second means in decrypted form by the 
organisation, by using the second decryption key obtained from the organisation, and 
30 subject the second item to decryption, using the first decryption key obtained from the 
first trusted authority, to recover the target data. 
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56. A computing entity according to claim 54, wherein the first item comprises the target 
data, the second item comprises a nonce, and the first encryption key string comprises, in 
combination, an identifier of said specific individual and said nonce; the third means being 
arranged to: 

5 recover the second item, if not provided to the second means in decrypted form by the 
organisation, by using the second decryption key obtained from the organisation, 
combine the nonce that formed the second item with the identifier of said specific 
individual in order to form the first encryption key string to be provided by the first 
means to the first trusted authority, and 
10 use the first decryption key obtained from the first trusted authority to decrypt the first 
item and thereby recover the target data. 



57. A computing entity according to claim 54, wherein the first item comprises first data 
and the second item comprises second data, the data set further comprising said target data 

15 encrypted using a symmetric key that can be formed by using both said first and second 
data; the third means being arranged to 

recover the first data, if not provided to the first means by the first trusted authority, by 

using the first decryption key obtained from the first trusted authority, 
recover the second data, if not provided to the second means in decrypted form by the 
20 organisation, by using the second decryption key obtained from the organisation, 

use the first data and the second data to form said symmetric key, and 
use the symmetric key to decrypt the target data. 

58. A computing entity according to claim 54, wherein the data set comprises, in addition 
25 to said first and second items, said target data encrypted using a first symmetric key, the 

second item comprising a second symmetric key, and the first item comprising the first 
symmetric key encrypted using the second symmetric key; the third means being arranged 
to: 

recover the first item, if not provided to the first means by the first trusted authority, by 
30 using the first decryption key obtained from the first trusted authority, 

recover the second item, if not provided to the second means in decrypted form by the 
organisation, by using the second decryption key obtained from the organisation, 
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use the second symmetric key that formed the second item to decrypt the encrypted first 

symmetric key that formed the first item, and 
use the first symmetric key to decrypt the encrypted target data. 



